Hi, we in the process of retiring a SolidFire cluster and I am trying to figure out the commands to securely wipe the entire cluster. I see how to secure erase drives, but not sure the process for doing the entire array. We are on Element OS 11.1. Thanks.
- As you use Element ISO to RTFI a node, you'll see that one of the steps involves (S)ATA Secure Erase commands. That's what securely wipes metadata and data disks used by SolidFire in seconds. If you're paranoid, you can watch the console until past this step to verify this worked properly. SolidFire cluster encrypts drives using own or external key, so once the cluster is destroyed, I don't think anyone can get to the data in any case, but RTFI makes double sure of that
- OS boot disk will be reformatted by RTFI, but not erased in the same, secure fashion. Generally there's nothing confidential on reformatted boot disk (if you could recover those files, you'd find the usual - OS IPs, DNS IP, maybe some encrypted creds, etc), but you could load another (generic Linux) ISO after RTFI and overwrite that boot disk one or more times. I'm not sure if OS boot disk uses LUKS, in which case that would be unnecessary, but I think it doesn't.
Thanks for the info...everything has been RTFI'd except for one H610s storage node. Once it starts to boot off the USB drive, it boots ember up until the SolidFire graphic appears and then just hangs. Any advice for this?
Approach 3) I'm not 100% sure if this would work with NVMe disks that H610S has, but it seems newer Linux has the utility so load any Live ISO and nuke the NVMe disks. There's a Wiki for the CLI here: https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase. Or, depending on whether that's considered acceptable or not, format NVMe disks and and do several overwrite cycles.